Table Of Contents
Havent upgraded to iOS 8 yet, this is must know news for you.
Ditto the case, if you are using Apple TV version below 7.
Why is it dangerous now?
This exploit makes the devices running on iOS 7.1.x vulnerable to potential hackers.
Thus browsing an html page in Safari can transparently load multiple pdf files without any further user interaction.
CoreGraphics is the responsible of parsing the PDF files.
Apple Core Graphics framework fails to validate the input when parsing the colorspace specification of a PDF XObject.
The entire PoC can be read onBinamuse websiteand the author is saying that he will present a demo soon.
The author claims that the exploit is completely reliable and portable on iOS 7.1.x.
However some experts beg to differ.
Sounds like its not functional out of the box.
Apple support page however does not mention the effects of the exploit on iOS 7.1.x and earlier versions.
source: www.techworm.net
